Froala 4.1.3 Release – XSS vulnerability resolved, Safari iPad Support, and more
We are pleased to announce the release of Froala version 4.1.3. This release is a must-have for all users as it addresses critical security vulnerabilities, ensures stability, improves performance, and delivers a seamless user experience. This release emphasizes our commitment to providing a safer and smoother experience for all users. We encourage you to update to this latest version and enjoy an even better Froala.
Key Highlights
This release comes with several improvements and enhancements. Let’s take a look at the key highlights:
- Resolving XSS vulnerability in the insert link field
- Safari iPad Support
- Improvements for table resizing
- Improvements for content pasting from different sources.
- and More.
Let’s dig deep into the most significant changes in this release.
Resolving XSS vulnerability in the insert link field
We’ve discovered a cross-site scripting (XSS) vulnerability that lets attackers use the insert link field to add and run code. Examples of such attacks are
- The attacker can change what the user sees on the original page.
- The attacker can redirect you to a phishing screen.
- The attacker can collect or solicit information via input and fake forms.
- Others.
Froala’s latest release stops these attacks, making sure your content stays safe and your users are protected. Update to Froala 4.1.3 today and ensure a secure environment for your content to thrive.
Safari iPad Support
Froala is famous for working well on various platforms, and now we’ve added support for Safari on iPad. This means you can enjoy the same easy editing experience on your iPad as you do on your PC, creating, editing, and managing content with ease.
Improvements for table resizing
Tables are an important component of web content. Many users use tables for organizing and presenting data in a structured manner.
Froala simplifies the creation and editing of tables. In this release, we have made significant improvements to table resizing. We’ve improved how you can resize tables, making it easier and more precise to adjust their size. This ensures that you can create tables that perfectly fit your content and layout needs.
When it comes to table resizing, Froala empowers you with complete control. You have the capability to enable or disable cell resizing, as well as set the resizing offset and limit. To accomplish this, simply leverage the following API options:
- tableResizer: Enables resizing table cells. By default it is true.
- tableResizerOffset: The distance in pixels from the table cell’s left or right border to show the resizer. The default value is 5.
- tableResizingLimit: The minimum width in pixels of a table cell is allowed while resizing. The resizer cannot be dragged over this limit. The default value is 20.
Improvements for content pasting from different sources
We understand it’s vital for users to copy and paste content without losing its look and quality. When it comes to pasting content from 3rd party tools, Froala is more efficient than TinyMCE and CKEditor. However, some users saw an error in the console when pasting from Word documents.Â
By updating Froala 4.1.3, no errors will appear on the console after pasting content from Word. Moreover, we have improved the editor code to prevent the creation of unwanted newlines when users copy and paste text.
Also, in the past, some users had problems with pasted images being wider than the original when the imageOutputSize API option was set to true. Enabling imageOutputSize sets the image width and height attributes but it shouldn’t change the image width when it is pasted. That’s exactly the behavior of the editor you will get when updating to Froala 4.1.3.
These updates help users copy and paste content without losing formatting or errors.
And More!
Fixed the issue where the editor could not convert external styles of HTML elements to inline when the useClasses API option was set to false.
It’s time to update!
Don’t miss out on the benefits of the latest Froala 4.1.3 release. Update today and experience a safer, more efficient, and smoother content editing platform.
If you are using a plain JavaScript library or other framework, check the get started page to know the proper way of downloading the latest Froala Editor release and how to include it in your project based on your preferred method.
If you are using a plain JavaScript library or other framework, follow the table below to know how to download the latest Froala Editor release and how to include it in your project based on your preferred method.
| Method | How to download | Include in your project | |
| CDN | – |
<!-- Include Editor stylesheet--> <link href="https://cdn.jsdelivr.net/npm/[email protected]/css/froala_editor.pkgd.min.css" rel="stylesheet" type="text/css" /> <!-- Include Editor JavaScript file--> <script type="text/javascript" src="https://cdn.jsdelivr.net/npm/[email protected]/js/froala_editor.pkgd.min.js"></script> |
|
| CDN (Always the latest version) | – |
<!-- Include Editor stylesheet--> <link href="https://cdn.jsdelivr.net/npm/froala-editor@latest/css/froala_editor.pkgd.min.css" rel="stylesheet" type="text/css" /> <!-- Include Editor JavaScript file--> <script type="text/javascript" src="https://cdn.jsdelivr.net/npm/froala-editor@latest/js/froala_editor.pkgd.min.js"></script> |
|
| NPM |
npm install froala-editor |
<!--
Replace the {download-folder-path} in the following example with the path to the folder containing the stylesheet file e.g.
../css/froala_editor.pkgd.min.js
-->
<link href="{download-folder-path}/froala_editor.pkgd.min.css" rel="stylesheet" type="text/css" />
<!--
Replace the {download-folder-path} with the path to the folder containing the JS file e.g.
../js/froala_editor.pkgd.min.js
-->
<script type="text/javascript" src="{download-folder-path}/froala_editor.pkgd.min.js"></script>
|
|
| bower |
bower install froala-wysiwyg-editor |
||
| NO Package Manager | Download Froala WYSIWYG Editor files using the download form here. | ||
| Integrated with a Framework | Select your preferred framework from 17 different popular frameworks. | ||
| Other options | Check here for other options to use Froala WYSIWYG Editor in your project. | ||
For Froala Editor Version 2 Users:
Follow this migration guide to get step-by-step instructions on how to upgrade from version 2.
Try The Latest Froala Editor
Explore a variety of examples that demonstrate the functionality of the Froala HTML Editor.
Support and Feedback
We are dedicated to always offering the best possible experience for all our users. We believe this release, meant to enhance Typescript support, is a stepping stone towards that commitment. We encourage you to try this improved Typescript support and give us your valuable feedback. Your input is crucial for delivering continuous enhancement in meeting your evolving needs. Thank you for being a valuable part of our vibrant and growing community.
We would like to hear what you think of the latest release! Join us on our GitHub Community to chat with our product manager, developers, and other members of the Froala team.
Change Log
- Please visit the release notes for a complete list of changes.
Get Started
- You can download and start using Froala in less than five minutes following our get started guide.
Technical Questions
- If you have a technical question, you can check whether we have already answered it in our help center. If not, contact our Support team.
No comment yet, add your voice below!